Please help!

Discussion in 'Malware Help (A Specialist Will Reply)' started by Diogenes88, Jul 24, 2013.

  1. Diogenes88

    Diogenes88 Private E-2

    Hi,

    I recently installed a new SSD for my operating system and commonly used programs. I reformatted and left my old HDD for data storage. I do have one game that I play a lot and it is installed on the new SSD... World of Tanks.

    Everything was going great until I downloaded and started using a third-person mod for the game, one that compiles and evaluates player in-game statistics. This add-on required me to install Microsoft Net Framework 4. I feel, perhaps wrongly, that this mod is safe...because literally tens of thousands of savvy players use it constantly with no complaints. I'm not sure what to think...

    Since adding Net Framework 4, strange things started occurring and have steadily become more obnoxious. While on the Internet, my security settings seem screwed up and all the solutions that Microsoft suggests don't work. There are yellow warning bars at the bottom of most every webpage telling me that something was blocked from loading or couldn't be displayed properly. As well, clicking to expand a news article, i.e. "Click here to see more...", as well as anti-script features like "Captcha", don't work or show up.

    In addition, the Internet and main programs are running more slowly and sometimes an odd webpage pops up in the background. Finally, I run SuperAntiSpyware Pro and Comodo Antivirus, and have them set up to auto-update and do a full scan twice a week while I'm asleep. For the last few weeks I've noticed that the scans are not complete and there are messages saying 'access forbidden' and/or 'the scan could not be completed'.

    Today, I uninstalled both the Microsoft Net Framework 4 and 4 Extended, but the problems persist.

    I've followed all of your instructions and am attaching the relevant logs...with the exception of the TDSSKiller log, which didn't give me a log and doesn't appear to work correctly. I got an error message when trying to start it, which stated, "Can't initialize log" at 10% and another that stated, "Cannot load driver" at 40%. If I clicked on "Ok," the scan continued without finding anything...but no log was created.

    Thanks in advance for your assistance.
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You can rerun RogueKiller and click on the DNS tab and have it fix those entries. Other than that, I am not finding any malware in your logs. I suggest you post in the software forum for additional assistance.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:


    Malware removal from a National Chain = $149
    Malware removal from MajorGeeks = $0
     
